RPM signing error

Doing a PoC on RPM signing and am currently stuck. I created a GPG key on my laptop using git bash. Then exported the public key, private key and the trustdb. In my GitLab project, I added all 3 files. My yml is given below:

  stage: sign
  image: centos:latest
    - master
    - yum install -y rpm-sign
    - gpg --import public.pgp
    - gpg --import private.pgp
    - gpg --import-ownertrust < trust.txt
    - gpg --list-keys --keyid-format LONG
    - gpg --list-secret-keys --keyid-format LONG
    - rpm --define "_gpg_name eavibis" --define "_signature gpg" --addsign ics-service-rpm-1.0.3-1.noarch.rpm
    - rpm --checksig ics-service-rpm-1.0.3-1.noarch.rpm
    - tar -zcvf signed_rpm.tar.gz *.rpm
    - docker-devuser
      - $CI_PROJECT_DIR/*.tar.gz
    expire_in: 1 hour

If I run the addsign command twice, on the second run, I get the message:

warning: ics-service-rpm-1.0.3-1.noarch.rpm already contains identical signature, skipping

This clearly indicates that the sign has been added. However, at the checksig command output, I am getting the following error:

ics-service-rpm-1.0.3-1.noarch.rpm: RSA sha1 ((MD5) PGP) md5 NOT OK (MISSING KEYS: (MD5) PGP#3d525b88)

What am I doing wrong?